Need help

View previous topic View next topic Go down

Need help

Post by Stephon on 20th August 2009, 8:10 am

Well I just did a full scan with Malwarebytes and it came up with a few things..

Code:

Malwarebytes' Anti-Malware 1.40
Database version: 2661
Windows 5.1.2600 Service Pack 3

8/20/2009 1:08:10 AM
mbam-log-2009-08-20 (01-08-10).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 119985
Time elapsed: 23 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 20

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Digcore.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Msncli.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\0581874009280c186f856f079594d1ccc7a851f4 (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\c0b5e28a5c81ac2876216f0a963fdd4b6d478378 (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\97cb99aa729a3e84c1961060d22d93aab9a0c576 (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\digcore.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\msncli.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\msnsusii.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netsetup.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wextract.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wextract.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\netsetup.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\ServicePackFiles\i386\msncli.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\ServicePackFiles\i386\msnsusii.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\ServicePackFiles\i386\wextract.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\ServicePackFiles\i386\netsetup.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\ServicePackFiles\i386\digcore.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe (Worm.Autorun) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtServicePackUninstall$\wextract.exe (Worm.Autorun) -> Quarantined and deleted successfully.

Then after I clicked removed, Windows XP starts saying that some system files are missing or not recognized. Are those false or are they real?

Stephon
Intermediate
Intermediate

Posts Posts : 93
Joined Joined : 2008-09-06
Gender Gender : Male
OS OS : Windows XP
Points Points : 30200
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Need help

Post by Belahzur on 20th August 2009, 7:50 pm

Hello.
Open MBAM, go into the quarantine tab please.
Restore each of them items MBAM has removed.

Next, go into the update tab and run check for updates. Latest database as of right now is 2666.

Now close MBAM.

Next, go to Start > Run.
In the run box, copy and paste in the following:

mbam /developer

Now run a new scan and see what it finds.
Once done, DO NOT!! remove anything, copy and paste the log file back here.


@RealBelahzur - [Prework] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Need help

Post by Stephon on 22nd August 2009, 6:16 am

I removed the items..

Here's the scan anyways..
Code:

Malwarebytes' Anti-Malware 1.40
Database version: 2675
Windows 5.1.2600 Service Pack 3

8/22/2009 12:10:12 AM
mbam-log-2009-08-22 (00-10-12).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 118427
Time elapsed: 39 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Stephon
Intermediate
Intermediate

Posts Posts : 93
Joined Joined : 2008-09-06
Gender Gender : Male
OS OS : Windows XP
Points Points : 30200
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum